ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Elasticsearch Instance of Sales Leads on AWS Data Breach

Significant exposure
Verified breach
Accounts exposed 5,788,169
Breach date 29 Oct 2018
Added to tracker 17 Nov 2018
Data classes 4

What happened

In October 2018, security researcher Bob Diachenko identified multiple exposed databases with hundreds of millions of records. One of those datasets was an Elasticsearch instance on AWS containing sales lead data and 5.8M unique email addresses. The data contained information relating to individuals and the companies they worked for including their names, email addresses and company name and contact information. Despite best efforts, it was not possible to identify the owner of the data hence this breach as been titled "Elasticsearch Sales Leads".

Exposed data

Email addresses Employers Names Physical addresses

Recommended actions

  • Watch for targeted phishing emails referencing Elasticsearch Instance of Sales Leads on AWS โ€” attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP